Data Protection

1. Data Privacy at a Glance

General Information

The following notes provide a simple overview of what happens to your personal data when you visit this website. Personal data refers to all data that can personally identify you. For detailed information on data privacy, please see our Privacy Policy below.

Data Collection on this Website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. Their contact details can be found in the section “Notice about the Responsible Party” in this Privacy Policy.

How do we collect your data?

Some data is collected when you provide it to us. This could include data entered into a contact form, for example. Other data is collected automatically or after your consent when visiting the website by our IT systems. This includes mainly technical data (e.g., internet browser, operating system, or time of the page view). This data is collected automatically as soon as you access this website.

What do we use your data for?

Part of the data is collected to ensure the error-free provision of the website. Other data may be used to analyze your user behavior.

What rights do you have regarding your data?

You have the right at any time to obtain information about the origin, recipients, and purpose of your stored personal data free of charge. You also have the right to request the correction or deletion of this data. If you have given consent to data processing, you can withdraw it at any time with future effect. You also have the right to request the restriction of the processing of your personal data under certain circumstances. Additionally, you have the right to lodge a complaint with the competent supervisory authority. For this and further questions on the subject of data privacy, you can contact us at any time.

Analysis Tools and Third-Party Tools

When you visit this website, your browsing behavior may be statistically analyzed. This is done primarily with so-called analysis programs. Detailed information on these analysis programs can be found in the following Privacy Policy.

2. Hosting

We host the content of our website with the following provider:

Externes Hosting

This website is hosted externally. The personal data collected on this website is stored on the servers of the host(s). This may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses, and other data generated through a website.

External hosting is performed to fulfill contracts with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast, and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f GDPR). If consent has been requested, processing is solely based on Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, provided the consent includes storing cookies or accessing information on the user’s device (e.g., device fingerprinting) within the meaning of the TTDSG. The consent can be withdrawn at any time.

Our host(s) will only process your data as necessary to fulfill its service obligations and will follow our instructions regarding this data.

We use the following host(s):

Cloudflare Germany GmbH
Rosental 7
c/o Mindspace
80331 Munich

3. General Information and Mandatory Disclosures

Data Privacy

The operators of these pages take the protection of your personal data very seriously. We handle your personal data confidentially and in accordance with legal data protection regulations and this Privacy Policy. When you use this website, various personal data is collected. Personal data is data that can personally identify you. This Privacy Policy explains what data we collect and what we use it for. It also explains how and for what purpose this happens. We would like to point out that data transmission on the internet (e.g., when communicating via email) may have security vulnerabilities. Complete protection of data from access by third parties is not possible.

Notice about the Responsible Party

he responsible party for data processing on this website is:

Nicolas Davin Sole Proprietorship
Mehringdamm 31
10961 Berlin

Phone : +49 176 649 33 022
E-Mail: kontakt [ät] 100only.de

The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g., names, email addresses, etc.).

Storage Duration

Unless a specific storage period is stated within this Privacy Policy, your personal data will remain with us until the purpose for data processing no longer applies. If you make a legitimate request for deletion or withdraw your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g., retention periods under tax or commercial law); in the latter case, deletion occurs after these reasons no longer apply.

General Information on the Legal Basis for Data Processing on This Website

If you have consented to data processing, we process your personal data based on Article 6(1)(a) GDPR or Article 9(2)(a) GDPR, if special categories of data under Article 9(1) GDPR are processed. In cases where explicit consent has been given to transfer personal data to third countries, data processing is also based on Article 49(1)(a) GDPR. If you have consented to the storage of cookies or access to information on your device (e.g., via device fingerprinting), data processing will also be based on Section 25(1) TTDSG. Consent may be withdrawn at any time. If your data is required for contract performance or pre-contractual measures, we process your data on the basis of Article 6(1)(b) GDPR. Furthermore, we process your data if required to fulfill a legal obligation under Article 6(1)(c) GDPR. Data processing may also be based on our legitimate interest under Article 6(1)(f) GDPR. The specific legal basis for each case is outlined in the following sections of this privacy policy.

Recipients of Personal Data

As part of our business activities, we work with various external parties. This sometimes requires the transfer of personal data to these external parties. We only share personal data with third parties if it is necessary to fulfill a contract, if we are legally required to do so (e.g., sharing data with tax authorities), if we have a legitimate interest under Article 6(1)(f) GDPR, or if another legal basis permits data sharing. When using processors, we only transfer personal data of our customers based on a valid processing agreement. In the case of joint processing, a joint processing agreement will be concluded.

Revocation of Your Consent to Data Processing

Many data processing operations are only possible with your explicit consent. You may revoke your consent at any time. The legality of data processing carried out before the revocation remains unaffected by the revocation.

Right to Object to Data Collection in Special Cases and to Direct Marketing (Article 21 GDPR)

IF DATA PROCESSING IS BASED ON ARTICLE 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS FOR PROCESSING CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR PROCESSING THAT OUTWEIGH YOUR INTERESTS, RIGHTS, AND FREEDOMS OR THE PROCESSING SERVES TO ESTABLISH, EXERCISE, OR DEFEND LEGAL CLAIMS (OBJECTION UNDER ARTICLE 21(1) GDPR).

IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR SUCH MARKETING; THIS ALSO APPLIES TO PROFILING INSOFAR AS IT IS ASSOCIATED WITH SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION UNDER ARTICLE 21(2) GDPR).

Right to Lodge a Complaint with the Competent Supervisory Authority

In the event of GDPR violations, affected individuals have the right to lodge a complaint with a supervisory authority, particularly in the Member State of their habitual residence, place of work, or location of the alleged violation. The right to complain is without prejudice to other administrative or judicial remedies.

Right to Data Portability

You have the right to have data we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or a third party in a commonly used, machine-readable format. If you request the direct transfer of data to another responsible party, this will only take place if technically feasible.

Access, Rectification, and Deletion

You have the right at any time to obtain free information on your stored personal data, their origin and recipients, and the purpose of data processing, as well as a right to rectify or delete these data if necessary. For further questions on the topic of personal data, you may contact us at any time.

Right to Restriction of Processing

You have the right to request the restriction of processing of your personal data. You can contact us at any time to exercise this right. The right to restriction of processing applies in the following cases:

  • If you dispute the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the verification, you have the right to request the restriction of the processing of your personal data.

  • If the processing of your personal data was/is unlawful, you may request the restriction of data processing instead of deletion.

  • If we no longer need your personal data, but you need them to establish, exercise, or defend legal claims, you have the right to request the restriction of processing of your personal data instead of deletion.

  • If you have filed an objection under Article 21(1) GDPR, a balance must be struck between your interests and ours. As long as it has not been determined whose interests prevail, you have the right to request the restriction of processing of your personal data.

If you have restricted the processing of your personal data, such data may only be processed (apart from being stored) with your consent or for the establishment, exercise, or defense of legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State.

Terms of use and Processing of Personal Data in the Context of Registration

1. General Provisions
These terms of use govern the relationship between you as a user and 100only. By registering with 100only, you confirm that you are at least 18 years old and have the legal authority to use the platform. These terms of use apply to the use of our platform and the associated email services, including registration, verification, and product drop notifications. By using the services of 100only, you agree to these terms of use.

2. Types of Data Processed
We process your email address and, if applicable, your name in the context of registration and usage of our service. This information is necessary to grant you access to our exclusive product drops and to send you relevant information regarding your account.

3. Purpose of Data Processing
Your email address is processed for the following purposes:

  • Registration Confirmation and Account Verification:
    To use our services, you must register on our platform and ensure the accuracy of your information. After registration, we will send you a confirmation email to verify your email address and secure access to your account.

  • Notifications & Additional Product Drop Offers:
    We will inform you about upcoming and ongoing drops, as well as other offers related to the drops, so that you can take advantage of 100only’s exclusive offerings in a timely manner.

  • Account Information:

    For essential account information such as password changes or security-related alerts, we send you corresponding emails to help maintain the security and integrity of your account.

4. Legal Basis for Data Processing
The processing of your data is based on our legitimate interest in accordance with Art. 6 (1) lit. f GDPR, as these emails are necessary to facilitate your registration, enable the use of our service, and allow you to participate in our product drops. The use of your email address for notifications about product drops is part of the 100only service offering and serves our users’ interest in being informed of relevant offers.

5. Storage Duration
We store your email address and other personal data for as long as your user account is active with us or as required by law. Upon deletion of your account, your data will be erased in accordance with statutory retention periods, provided it is no longer needed.

6. Right to Withdraw and Object
You have the right to object to the processing of your email address for non-essential notifications at any time. Please contact us at [kontakt@100only.de] or use the unsubscribe link provided in the relevant emails. Please note, however, that you will continue to receive security-related and essential account notifications that are necessary for the use of our service.


Processing and Storage of Contact Data for Acquisition

As part of the business development process for our platform 100only, we process contact data of companies and relevant representatives (e.g., agencies and agency staff) obtained from publicly accessible sources, such as company websites, or provided to us by other means. This data typically includes names, business email addresses, phone numbers, and any other business-related information required for communication purposes.

The processing and storage of this contact data are carried out in compliance with the requirements of the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). Only data necessary for the purpose of making contact is collected and processed. The collected data is stored in our CRM system and is used solely for the purpose of reaching out to potential business partners.

Purpose of Data Processing
Data processing is based on our legitimate interest (Art. 6(1)(f) GDPR) in business development and establishing business relationships for our platform 100only.

Right to Object
Affected individuals have the right to object to the storage and processing of their data at any time. To exercise your right to object, you can reach out to us at any time using the contact details provided in this privacy policy.

Data Deletion
If no business relationship is established or if the purpose of data processing ceases, the contact data will be promptly deleted unless legal retention requirements apply.

SSL or TLS Encryption

For security reasons and to protect the transmission of confidential content, such as orders or inquiries you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the address line of the browser changing from “http://” to “https://” and by the lock symbol in your browser line. When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

4. Data Collection on This Website

Cookies

Our websites use “cookies.” Cookies are small data packages that do not cause any damage to your device. They may be stored temporarily for the duration of a session (session cookies) or permanently (persistent cookies) on your device. Session cookies are automatically deleted after your visit. Persistent cookies remain stored on your device until you delete them yourself or an automatic deletion occurs through your web browser. Cookies can be set by us (first-party cookies) or by third parties (so-called third-party cookies). Third-party cookies allow the integration of certain services from third-party companies within websites (e.g., cookies for processing payment services). Cookies have various functions. Many cookies are technically necessary as certain website functions would not work without them (e.g., the shopping cart function or displaying videos). Other cookies may be used to analyze user behavior or for advertising purposes.

Cookies necessary for electronic communication processes, for providing certain functions requested by you (e.g., for the shopping cart function), or for optimizing the website (e.g., cookies to measure web audience) are stored based on Article 6(1)(f) GDPR unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies to ensure the technically error-free and optimized provision of its services. If consent has been requested for the storage of cookies and similar recognition technologies, processing is based exclusively on this consent (Article 6(1)(a) GDPR and Section 25(1) TTDSG); consent may be withdrawn at any time.

You can configure your browser to inform you about cookie settings, allow cookies only on a case-by-case basis, exclude the acceptance of cookies for certain cases or in general, and activate automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website.

You can find out which cookies and services are used on this website in this privacy policy.

Server Log Files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. This includes:

  • Browser type and version

  • Operating system used

  • Referrer URL

  • Hostname of the accessing computer

  • Time of server request

  • IP address

This data is not combined with other data sources. The collection of this data is based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website, for which the server log files must be recorded.

5. Plugins and Tools

1. Cloudflare Turnstile

We use Cloudflare Turnstile (hereinafter "Turnstile") on this website. The provider is Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA (hereinafter "Cloudflare").

Turnstile is used to verify whether data entered on this website (e.g., in a contact form) is submitted by a human or an automated program. Turnstile analyzes the website visitor’s behavior based on various characteristics.

This analysis begins automatically as soon as the visitor enters a website with Turnstile activated. For analysis, Turnstile evaluates various information (e.g., IP address, duration of the visitor’s stay on the website, or mouse movements made by the user). The data collected during the analysis is transferred to Cloudflare.

The storage and analysis of data are based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in protecting their web offers from abusive automated spying and spam. If consent is requested (e.g., to store cookies or access information on the user’s device, such as device fingerprinting in accordance with TTDSG), data processing is based solely on Art. 6 (1) (a) GDPR and § 25 (1) TTDSG. Consent can be withdrawn at any time.

Data processing relies on Standard Contractual Clauses, which can be found here: https://www.cloudflare.com/cloudflare-customer-scc/.

For further information on Cloudflare Turnstile, please refer to Cloudflare's Privacy Policy at https://www.cloudflare.com/cloudflare-customer-dpa/.

The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the United States that aims to ensure compliance with European data protection standards for data processing in the US. Each company certified under the DPF commits to uphold these data protection standards. Further information is available from the provider at: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnZKAA0&status=Active.

Source: https://www.e-recht24.de

2. Mailjet for Email Communication

We use the service Mailjet, an email delivery service provided by Mailgun Technologies, Inc., to send emails for registration, verification, and to provide information regarding product drops. Mailjet supports us in delivering relevant information about your account and our offers in a secure and reliable manner.

Mailjet processes your email address and, if necessary, your name on our behalf. This data processing by Mailjet is based on our legitimate interest in functional and efficient email delivery in accordance with Art. 6(1)(f) GDPR.

We have entered into a data processing agreement with Mailjet to ensure that your data is processed in compliance with applicable data protection regulations and used exclusively for the intended purpose. Mailjet is contractually bound to process the data only according to our instructions and to maintain the confidentiality of your data.

Mailjet’s privacy policy can be found here.